Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/a1mBaSYmxmcOP8fosXAmInUdpIQ.roa
File: a1mBaSYmxmcOP8fosXAmInUdpIQ.roa (raw, json)
Hash identifier: aG26tcVBzuz96SYMbZZI1/3DPMfTud68F7/gor3gXds=
Subject key identifier: 6B:59:81:69:26:26:C6:67:0E:3F:C7:E8:B1:70:26:22:75:1D:A4:84
Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial: 018CC64ADC59550BF9FC79E9D10B9908028F
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/a1mBaSYmxmcOP8fosXAmInUdpIQ.roa
Signing time: Mon 01 Jan 2024 18:30:44 +0000
ROA not before: Mon 01 Jan 2024 18:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 157.23.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:dc:59:55:0b:f9:fc:79:e9:d1:0b:99:08:02:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Validity
Not Before: Jan 1 18:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b5981692626c6670e3fc7e8b1702622751da484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a8:aa:3d:1a:2c:64:3a:be:a5:c9:58:66:f8:
c8:39:f0:8e:5b:de:de:18:6a:71:55:ad:9b:a8:5f:
b0:7f:0f:9f:bf:e6:00:01:25:75:7e:69:6d:5e:ae:
dc:97:50:7e:ee:85:b5:fa:50:c9:bf:59:c5:06:84:
89:00:36:28:2d:ee:59:08:ff:e3:5e:cf:f1:42:32:
d0:22:10:ff:46:27:1e:52:d3:8e:68:96:46:53:9a:
3d:36:9d:d0:20:11:1f:51:2d:b9:27:84:91:e7:f4:
fa:35:5f:b8:3a:8c:35:10:46:05:68:f7:05:61:43:
03:73:ea:58:c2:15:54:7e:90:77:c7:84:24:ec:df:
a0:ae:a4:26:c4:23:99:96:2e:6e:2c:5a:c8:bd:c8:
56:6f:b6:63:6a:e8:af:31:4e:a7:3d:43:23:21:0b:
0c:78:3b:3d:fd:ef:08:3d:2e:60:b9:3e:b4:0e:97:
ce:54:ae:07:68:b7:b7:30:a4:48:b1:6d:83:ca:88:
6c:51:55:aa:3d:b2:ff:a9:43:f7:5f:ce:42:cb:66:
ea:8c:9b:d3:6d:eb:9f:b5:d1:97:68:e6:e0:74:5f:
b3:9d:41:5b:01:89:0a:01:12:b5:ee:3c:e2:20:83:
23:25:dd:f6:bb:e7:dd:e6:92:e4:cb:80:26:83:b7:
09:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:59:81:69:26:26:C6:67:0E:3F:C7:E8:B1:70:26:22:75:1D:A4:84
X509v3 Authority Key Identifier:
keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/a1mBaSYmxmcOP8fosXAmInUdpIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.23.248.0/24
Signature Algorithm: sha256WithRSAEncryption
19:d3:d9:4b:77:07:c6:1e:9b:08:5d:43:00:ba:df:5e:b3:59:
d4:2f:18:cd:1f:59:65:a3:e6:28:1a:22:a1:93:7a:93:e9:dd:
56:4b:ab:84:93:2a:d6:96:a8:7e:f7:b5:c7:1d:2e:3a:47:e0:
b1:44:28:b2:e6:37:ab:95:64:0c:c7:eb:bd:ee:6e:92:53:60:
4a:10:19:1e:40:8e:91:e8:cb:b4:c1:55:c4:5e:f2:e3:ba:ae:
19:6c:1d:6b:44:9a:5e:91:0f:40:e4:0a:1a:ab:32:2c:42:9a:
8b:45:00:82:e4:4e:43:d0:bc:23:17:34:e5:2f:86:14:21:f6:
93:a2:30:fc:af:41:26:26:ce:a5:bd:24:dd:cd:43:9d:91:8d:
22:a5:e0:7a:2b:9f:20:b0:93:1f:7e:c9:ae:1a:1a:75:e1:78:
e8:9e:23:bd:7c:44:c1:43:3b:42:41:f0:b4:1a:2c:be:27:7b:
de:1c:ae:cf:b9:68:e9:32:e0:d6:95:c8:20:c7:f4:52:69:c5:
e9:0d:57:78:b7:22:b1:0c:95:f7:74:3b:f1:d2:f6:d0:f1:e9:
e3:29:1e:bf:4e:05:dc:4c:f0:06:62:9a:5d:63:77:e3:57:18:
73:0a:46:05:a2:e6:fc:83:ec:0b:9e:77:c3:25:1a:05:5f:6d:
3a:57:9a:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGStxZVQv5/Hnp0QuZCAKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5
MzYyNWUwHhcNMjQwMTAxMTgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjU5ODE2OTI2MjZjNjY3MGUzZmM3ZThiMTcwMjYyMjc1MWRhNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaiqPRosZDq+pclYZvjIOfCOW97e
GGpxVa2bqF+wfw+fv+YAASV1fmltXq7cl1B+7oW1+lDJv1nFBoSJADYoLe5ZCP/j
Xs/xQjLQIhD/RiceUtOOaJZGU5o9Np3QIBEfUS25J4SR5/T6NV+4Oow1EEYFaPcF
YUMDc+pYwhVUfpB3x4Qk7N+grqQmxCOZli5uLFrIvchWb7ZjauivMU6nPUMjIQsM
eDs9/e8IPS5guT60DpfOVK4HaLe3MKRIsW2DyohsUVWqPbL/qUP3X85Cy2bqjJvT
beuftdGXaObgdF+znUFbAYkKARK17jziIIMjJd32u+fd5pLky4Amg7cJEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtZgWkmJsZnDj/H6LFwJiJ1HaSEMB8GA1UdIwQY
MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt
NTk3YjZlMjQ5MmFiLzEvYTFtQmFTWW14bWNPUDhmb3NYQW1JblVkcElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi
LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRf4MA0G
CSqGSIb3DQEBCwUAA4IBAQAZ09lLdwfGHpsIXUMAut9es1nULxjNH1llo+YoGiKh
k3qT6d1WS6uEkyrWlqh+97XHHS46R+CxRCiy5jerlWQMx+u97m6SU2BKEBkeQI6R
6Mu0wVXEXvLjuq4ZbB1rRJpekQ9A5AoaqzIsQpqLRQCC5E5D0LwjFzTlL4YUIfaT
ojD8r0EmJs6lvSTdzUOdkY0ipeB6K58gsJMffsmuGhp14XjoniO9fETBQztCQfC0
Giy+J3veHK7PuWjpMuDWlcggx/RSacXpDVd4tyKxDJX3dDvx0vbQ8enjKR6/TgXc
TPAGYppdY3fjVxhzCkYFoub8g+wLnnfDJRoFX206V5rF
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:02 2025 by rpki-client